0/61

Threat

com.rockstargames.gtasa

GTA: SA

Analyzed on 2022-06-14T20:02:29.318933

9

permissions

1

activities

1

services

2

receivers

12

domains

File sums

MD5 8332f5394c4b7e1c157fc8e46ec60c09
SHA1 843456665a15fd76f95ae2a046641b8f0442bb6e
SHA256 61fd570787f628364c3bd57e7f77452fb265743f390cc43222f127672ff27077
Size 15.98MB

APKiD

Information computed with APKiD.

/tmp/tmpy77bdz95!classes.dex
anti_vm
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.BOARD check
  • possible Build.SERIAL check
  • device ID check
manipulator
  • dexmerge
compiler
  • dx (possible dexmerge)
/tmp/tmpy77bdz95!lib/armeabi-v7a/libTouchSenseSDK.so
obfuscator
  • Arxan

SSdeep

Information computed with ssdeep.

APK file 393216:xTeqE2dHDSB8g5HVsYQ4KJoh3C6hjiE6iS4LVYhoTE63Pk1FZUIYw5M5FVaR7:YqrdM8gx7Q4WKC6FNHLahoz/k18IYvat
Manifest 96:mLKJV0GgScm+yDNDfk9yFPEWxIPT09Srqr39fpu53tST+OZUCJKQtiV3axbFIqDl:x…
classes.dex 49152:jNWdK06pHfTYKmMdEbnrTbOyiAVoh5/2sEtWb1e+j4UY:jN6ZoH5MOjBc

Dexofuzzy

Information computed with Dexofuzzy.

APK file 3072:+kfLg4yYKaN0kw4rN/oT3C/9KGpunZQUS3O6yaYvWy6Gw1tqPwtB1B0vvpbCvxS:…
classes.dex 3072:+kfLg4yYKaN0kw4rN/oT3C/9KGpunZQUS3O6yaYvWy6Gw1tqPwtB1B0vvpbCvxS:…

APK details

Information computed with AndroGuard and Pithus.

Package com.rockstargames.gtasa
App name GTA: SA
Version name 2.00
Version code 26
SDK 24 - 26
UAID a56adfcdec5fcbcd6beedceabaa35fd54b7817b7
Signature Signature V1
Frosting Not frosted

Certificate details

Information computed with AndroGuard.

MD5 e89b158e4bcf988ebd09eb83f5378e87
SHA1 61ed377e85d386a8dfee6b864bd85b0bfaa5af81
SHA256 a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
Issuer Email Address: android@android.com, Common Name: Android, Organizational Unit: Android, Organization: Android, Locality: Mountain View, State/Province: California, Country: US
Not before 2008-02-29T01:33:46+00:00
Not after 2035-07-17T01:33:46+00:00

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup] flag is missing.
The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Broadcast Receiver (com.AdX.tag.AdXAppTracker) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

Main Activity

Information computed with AndroGuard. 

com.rockstargames.gtasa.GTASA

Activities

Information computed with AndroGuard. 

com.rockstargames.gtasa.GTASA

Receivers

Information computed with AndroGuard. 

com.wardrumstudios.utils.WarAlarmReceiver
com.AdX.tag.AdXAppTracker

Services

Information computed with AndroGuard. 

com.wardrumstudios.utils.WarDownloaderService

Hunting matches

Information computed by Pithus.

Yara ruleset: mail
with_urls
matching files:
/classes.dex

Sample timeline

Oldest file found in APK Dec. 31, 1980, 7 p.m.
Certificate valid not before Feb. 29, 2008, 1:33 a.m.
Latest file found in APK April 2, 2021, 5:10 p.m.
First submission on VT April 2, 2021, 11:56 p.m.
Last submission on VT April 6, 2022, 6:06 p.m.
Upload on Pithus June 14, 2022, 8:02 p.m.
Certificate valid not after July 17, 2035, 1:33 a.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['bluetooth', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2		 The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_CKM.1.1(3)
FCS_CKM.1.2(3)		 A password/passphrase shall perform [Password-based Key Derivation Functions] in accordance with a specified cryptographic algorithm..
Password Conditioning
FCS_COP.1.1(1) The application perform encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_COP.1.1(3) The application perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm RSA schemes using cryptographic key sizes of 2048-bit or greater.
Cryptographic Operation - Signing
FCS_COP.1.1(4) The application perform keyed-hash message authentication with cryptographic algorithm ['HMAC-MD5'] .
Cryptographic Operation - Keyed-Hash Message Authentication
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['RFC 5280 certificate validation and certificate path validation', 'The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FIA_X509_EXT.2.2 When the application cannot establish a connection to determine the validity of a certificate, the application allow the administrator to choose whether to accept the certificate in these cases or accept the certificate ,or not accept the certificate.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files: 
 com/rockstargames/hal/ActivityWrapper.java
 com/wardrumstudios/utils/NDKHelper.java
 com/rockstargames/hal/andFacebook.java
 com/rockstargames/hal/ContainerLayout.java
 com/rockstargames/hal/andScrollView.java
 com/rockstargames/hal/PackedImage.java
 com/wardrumstudios/utils/WarAdMob.java
 com/rockstargames/hal/andVideo.java
 com/AdX/tag/AdXAppTracker.java
 com/rockstargames/hal/andDropDownList.java
 com/rockstargames/hal/TextureAtlas.java
 com/rockstargames/hal/andImageView.java
 com/rockstargames/hal/andAudioSample.java
 com/wardrumstudios/utils/WarBilling.java
 com/rockstargames/hal/andTextInput.java
 com/wardrumstudios/utils/WarHttp.java
 com/wardrumstudios/utils/WarGamepad.java
 com/rockstargames/hal/andWebView.java
 com/rockstargames/hal/andViewManager.java
 com/nvidia/devtech/NvAPKFileHelper.java
 com/wardrumstudios/utils/WarAlarmReceiver.java
 com/nvidia/devtech/NvEventQueueActivity.java
 com/AdX/tag/AdXURLConnection.java
 com/rockstargames/hal/andHttp.java
 com/rockstargames/hal/andView.java
 com/AdX/tag/AdXConnect.java
 com/wardrumstudios/utils/WarDownloader.java
 com/rockstargames/gtasa/GTASA.java
 com/wardrumstudios/utils/WarGameService.java
 com/wardrumstudios/utils/WarBase.java
 com/rockstargames/hal/andThread.java
 com/wardrumstudios/utils/WarMedia.java
 com/rockstargames/hal/andTable.java
 com/rockstargames/hal/scroll/andPagerImpl.java
 com/rockstargames/hal/andLabel.java
 com/rockstargames/hal/andFile.java
 com/rockstargames/hal/andImage.java
 com/rockstargames/hal/andScreen.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 com/wardrumstudios/utils/WarMedia.java
 com/wardrumstudios/utils/NDKHelper.java
 com/rockstargames/gtasa/GTASA.java
 com/wardrumstudios/utils/WarBase.java
Medium
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 com/wardrumstudios/utils/MediaVault.java
Medium
CVSS:7.4
Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files: 
 com/wardrumstudios/utils/WarBilling.java
 com/rockstargames/hal/andFacebook.java
 com/rockstargames/gtasa/GTASA.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files: 
 com/wardrumstudios/utils/WarHttp.java
Pygal Germany: 100 France: 200 Netherlands: 100 United States: 700

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US www.openssl.org 96.16.136.61
FR dev-c.com 51.75.124.107
US immr-uhl-tvm.elasticbeanstalk.com 52.37.19.163
US www.w3.org 128.30.52.100
US socialclub.rockstargames.com 104.255.105.71
US dev.sc.rockstargames.com 104.255.105.80
beta-cdn.sc.rockstargames.com
US prod.cloud.rockstargames.com 23.35.228.74
FR www.dev-c.com 51.75.124.107
US wardrumstudios.com 50.63.7.217
NL cdn.sc.rockstargames.com 87.248.202.39
DE media.rockstargames.com 23.205.234.101

URL analysis

Information computed with MobSF.

http://wardrumstudios.com/MobileDownloads/gta3/
Defined in com/wardrumstudios/utils/WarDownloader.java
http://immr-uhl-tvm.elasticbeanstalk.com/login
ftp://%s:%s@%s
http://www.openssl.org/support/faq.html
http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/xmlns/
Defined in lib/armeabi-v7a/libImmEmulatorJ.so
http://immr-uhl-tvm.elasticbeanstalk.com/login
ftp://%s:%s@%s
http://www.openssl.org/support/faq.html
http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/xmlns/
Defined in lib/armeabi-v7a/libImmEmulatorJ.so
http://immr-uhl-tvm.elasticbeanstalk.com/login
ftp://%s:%s@%s
http://www.openssl.org/support/faq.html
http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/xmlns/
Defined in lib/armeabi-v7a/libImmEmulatorJ.so
http://immr-uhl-tvm.elasticbeanstalk.com/login
ftp://%s:%s@%s
http://www.openssl.org/support/faq.html
http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/xmlns/
Defined in lib/armeabi-v7a/libImmEmulatorJ.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev.sc.rockstargames.com
https://dev.sc.rockstargames.com
https://socialclub.rockstargames.com
http://cdn.sc.rockstargames.com/images/avatars/%s/%s
http://prod.cloud.rockstargames.com/crews/sc/%04u/%s/publish/emblem/emblem_64.png
http://beta-cdn.sc.rockstargames.com/images/games/%s/achievements/Achieve%s_58x58.png
http://media.rockstargames.com/socialclub/assets/images/avatars
Defined in lib/armeabi-v7a/libSCAnd.so
http://dev-c.com
www.dev-c.com
Defined in lib/armeabi-v7a/libcleo.so

Permissions analysis

Information computed with MobSF.

High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.GET_ACCOUNTS list accounts
Allows access to the list of accounts in the Accounts Service.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
com.android.vending.CHECK_LICENSE Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Write HTTP input stream into a file
Confidence:
100%
Query the current data network type
Confidence:
100%
Create a socket connection to the given host address
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Read data and put it into a buffer stream
Confidence:
100%
Start a web server
Confidence:
100%
Connect to a URL and receive input stream from the server
Confidence:
100%
Method reflection
Confidence:
100%
Create a secure socket connection to the given host address
Confidence:
100%
Retrieve data from broadcast
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Open a file from given absolute path of the file
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence:
100%
Connect to a URL and get the response code
Confidence:
100%
Send notification
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Get absolute path of the file and store in string
Confidence:
100%
Read file from assets directory
Confidence:
100%
Get calendar information
Confidence:
100%
Get the current WIFI information
Confidence:
100%
Query the ICCID number
Confidence:
100%
Query the IMEI number
Confidence:
100%
Method reflection
Confidence:
100%
Connect to the remote server through the given URL
Confidence:
100%
Query WiFi information and WiFi Mac Address
Confidence:
100%
Query data from URI (SMS, CALLLOGS)
Confidence:
100%
Get the current WiFi MAC address
Confidence:
100%
Connect to a URL and set request method
Confidence:
100%
Get specific method from other Dex files
Confidence:
80%
Get absolute path of file and put it to JSON object
Confidence:
80%
Get location info of the device and put it to JSON object
Confidence:
80%
Connect to a URL and read data from it
Confidence:
80%
Check if the given file path exist

Behavior analysis

Information computed with MobSF.

Android notifications 
       com/wardrumstudios/utils/WarServiceNotifyAlarm.java
       com/wardrumstudios/utils/WarDownloader.java
       com/wardrumstudios/utils/WarService.java
Certificate handling 
       com/wardrumstudios/utils/WarHttp.java
Crypto 
       com/AdX/tag/AdXConnect.java
Get android advertising id 
       com/AdX/tag/AdXConnect.java
Get installed applications 
       com/wardrumstudios/utils/WarMedia.java
Get network interface information 
       com/wardrumstudios/utils/WarMedia.java
Get sim serial number 
       com/wardrumstudios/utils/WarMedia.java
Get system service 
       com/wardrumstudios/utils/WarBootNotify.java
       com/rockstargames/hal/andColourPicker.java
       com/wardrumstudios/utils/WarMedia.java
       com/wardrumstudios/utils/WarServiceNotifyAlarm.java
       com/rockstargames/hal/andNotification.java
       com/wardrumstudios/utils/NDKHelper.java
       com/AdX/tag/AdXConnect.java
       com/rockstargames/hal/andScreen.java
       com/wardrumstudios/utils/WarDownloader.java
       com/nvidia/devtech/NvEventQueueActivity.java
       com/wardrumstudios/utils/WarService.java
       com/wardrumstudios/utils/WarBase.java
Get wifi details 
       com/AdX/tag/AdXConnect.java
Http connection 
       com/AdX/tag/AdXURLConnection.java
       android/net/http/RequestQueue.java
       android/net/http/Headers.java
       com/rockstargames/hal/andHttp.java
       com/wardrumstudios/utils/WarHttp.java
       android/net/http/AndroidHttpClient.java
       com/rockstargames/hal/PresenceConnection.java
       com/AdX/tag/AdXConnect.java
       com/wardrumstudios/utils/WarDownloader.java
       android/net/http/AndroidHttpClientConnection.java
Http requests, connections and sessions 
       com/AdX/tag/AdXURLConnection.java
       com/wardrumstudios/utils/WarHttp.java
       android/net/http/AndroidHttpClient.java
Inter process communication 
       com/wardrumstudios/utils/WarBootReceiver.java
       com/rockstargames/hal/andNotification.java
       com/wardrumstudios/utils/WarServiceNotifyReceiver.java
       com/rockstargames/hal/andAlarmReceiver.java
       com/rockstargames/hal/andLinkAccounts.java
       com/rockstargames/hal/andFacebook.java
       com/bda/controller/IControllerListener.java
       com/bda/controller/IControllerMonitor.java
       com/rockstargames/hal/OtherAppLauncher.java
       com/bda/controller/IControllerService.java
       com/AdX/tag/AdXAppTracker.java
       com/wardrumstudios/utils/WarDownloader.java
       com/rockstargames/gtasa/GTASA.java
       com/wardrumstudios/utils/WarGameService.java
       com/wardrumstudios/utils/WarBase.java
       com/wardrumstudios/utils/WarBootNotify.java
       com/wardrumstudios/utils/WarBilling.java
       com/wardrumstudios/utils/WarActivityLifecycleListener.java
       com/wardrumstudios/utils/WarMedia.java
       com/wardrumstudios/utils/WarServiceNotifyAlarm.java
       com/bda/controller/Controller.java
       com/nvidia/devtech/NvUtil.java
       com/wardrumstudios/utils/WarAlarmReceiver.java
       com/wardrumstudios/utils/WarService.java
Java reflection 
       com/wardrumstudios/utils/WarServiceNotifyAlarm.java
       com/AdX/tag/AdXAppTracker.java
Kill process 
       com/wardrumstudios/utils/WarMedia.java
Loading native code (shared library) 
       com/wardrumstudios/utils/NDKHelper.java
       com/rockstargames/gtasa/GTASA.java
Local file i/o operations 
       com/wardrumstudios/utils/WarMedia.java
       com/wardrumstudios/utils/WarServiceNotifyAlarm.java
       com/AdX/tag/AdXConnect.java
       com/AdX/tag/AdXAppTracker.java
       com/rockstargames/hal/andSecureData.java
       com/wardrumstudios/utils/WarService.java
       com/wardrumstudios/utils/WarBase.java
Message digest 
       com/wardrumstudios/utils/MediaVault.java
Sending broadcast 
       com/wardrumstudios/utils/WarService.java
Starting activity 
       com/wardrumstudios/utils/WarMedia.java
       com/rockstargames/hal/andLinkAccounts.java
       com/rockstargames/hal/OtherAppLauncher.java
       com/wardrumstudios/utils/WarGameService.java
Starting service 
       com/wardrumstudios/utils/WarBootReceiver.java
       com/bda/controller/Controller.java
       com/wardrumstudios/utils/WarServiceNotifyReceiver.java
Tcp socket 
       com/wardrumstudios/utils/WarMedia.java
       com/rockstargames/hal/andLabel.java
       com/rockstargames/hal/PresenceConnection.java
       android/net/http/AndroidHttpClientConnection.java
Url connection to file/http/https/ftp/jar 
       com/rockstargames/hal/PresenceConnection.java

Control flow graphs analysis

Information computed by Pithus.

The application probably opens socket

The application probably loads JS-capable web views

The application probably dynamically loads code

The application probably gets different information regarding the telephony capabilities

The application probably gets the IMEI of the phone

The application probably gets the serial number of the SIM card

The application probably gets the advertising ID for tracking purposes

The application probably gets the location based on GPS and/or Wi-Fi

The application probably gets the Wi-Fi connection information

The application probably gets the network connections information

The application probably gets network interfaces addresses (IP and/or MAC)

The application probably uses cryptography

The application probably uses the phone sensors

The application probably sends data over UDP protocol

The application probably receives data over UDP protocol

The application probably sends data over HTTP/S

The application probably lists all installed applications

The application probably starts another application

The application probably gets memory and CPU information

The application probably creates an accessibility service

The application probably listens accessibility events